Related Families: Qakbot
Verticals Targeted: Critical Infrastructure, Healthcare
Related Families: Effluence
Executive Summary
A Linux variant of Cerber ransomware was observed exploiting CVE-2023-22518, a vulnerability affecting Atlassian Confluence.
Verticals Targeted: Government, Healthcare
Executive Summary
INC is a relatively new ransomware group that has been active since summer 2023. The group recently claimed responsibility for attacks on Leicester City Council and NHS services in Scotland.
Related Families: Babuk
Verticals Targeted: Healthcare, Finance, Insurance
Executive Summary
RA World is a multistage ransomware family that was recently observed targeting healthcare entities in Latin America.
Related Families: Elking, Eight, Devos, Backmydata, Faust, Perdak, CrySiS, Dharma, SmokeLoader, Cobalt Strike, Bloodhound
Verticals Targeted: Critical Infrastructure, Government, Emergency Services, Education, Healthcare
Executive Summary
CISA recently released an advisory on Phobos ransomware being used to target critical infrastructure entities, including government entities, emergency services, education, public healthcare, and other unspecified entities.
Verticals Targeted: Government
Executive Summary
LockBit has been one of the most prolific RaaS families of all time. Despite being all but dismantled by law enforcement earlier this month, the group appears to be back and is setting its sights on government targets.
Related Families: GateDoor
Verticals Targeted: Cryptocurrency
Executive Summary
RustDoor is a new MacOS backdoor written in Rust. RustDoor was observed targeting companies in the cryptocurrency sector.
Verticals Targeted: Critical Infrastructure, Energy, Oil & Gas
Executive Summary
ALPHV recently claimed responsibility for a cybersecurity incident targeting Canada's Trans-Northern Pipelines.